CVE-2008-2367

EUVD-2008-2363
Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
Affected Products (NVD)
VendorProductVersion
redhatcertificate_system
7.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/33540
http://securitytracker.com/id?1021608
http://www.securityfocus.com/bid/33288
http://www.vupen.com/english/advisories/2009/0145
https://bugzilla.redhat.com/show_bug.cgi?id=451998
https://exchange.xforce.ibmcloud.com/vulnerabilities/48021
https://rhn.redhat.com/errata/RHSA-2009-0006.html
https://rhn.redhat.com/errata/RHSA-2009-0007.html
http://secunia.com/advisories/33540
http://securitytracker.com/id?1021608
http://www.securityfocus.com/bid/33288
http://www.vupen.com/english/advisories/2009/0145
https://bugzilla.redhat.com/show_bug.cgi?id=451998
https://exchange.xforce.ibmcloud.com/vulnerabilities/48021
https://rhn.redhat.com/errata/RHSA-2009-0006.html
https://rhn.redhat.com/errata/RHSA-2009-0007.html